diff --git a/blue/configuration.nix b/blue/configuration.nix index d889fab..687c9f4 100644 --- a/blue/configuration.nix +++ b/blue/configuration.nix @@ -2,7 +2,8 @@ config, pkgs, ... -}: { +}: +{ imports = [ ]; @@ -14,13 +15,16 @@ gc.automatic = true; gc.options = "--delete-older-than 7d"; package = pkgs.nixVersions.latest; - settings.experimental-features = ["nix-command" "flakes"]; + settings.experimental-features = [ + "nix-command" + "flakes" + ]; }; boot = { kernelPackages = pkgs.linuxPackages_latest; - kernelParams = ["msr.allow_writes=on"]; - supportedFilesystems = ["btrfs"]; + kernelParams = [ "msr.allow_writes=on" ]; + supportedFilesystems = [ "btrfs" ]; tmpOnTmpfs = true; initrd.compressor = "zstd"; loader.systemd-boot = { @@ -39,7 +43,7 @@ doas.enable = true; doas.extraRules = [ { - users = ["akill"]; + users = [ "akill" ]; keepEnv = true; persist = true; } @@ -53,15 +57,16 @@ networking = { firewall.enable = true; hostName = "blue"; - nameservers = ["127.0.0.1" "::1"]; + nameservers = [ + "127.0.0.1" + "::1" + ]; dhcpcd.extraConfig = "nohook resolv.conf"; networkmanager = { enable = true; dns = "none"; - /* - wifi.backend = "iwd"; - */ + # wifi.backend = "iwd"; }; }; @@ -92,8 +97,8 @@ services = { "caps2esc" = { description = "Intercepts keyboard udev events"; - wants = ["systemd-udevd.service"]; - wantedBy = ["multi-user.target"]; + wants = [ "systemd-udevd.service" ]; + wantedBy = [ "multi-user.target" ]; serviceConfig.Nice = -20; script = '' ${pkgs.interception-tools}/bin/intercept \ @@ -152,7 +157,10 @@ windowManager.i3.enable = true; }; - udev.packages = [pkgs.rtl-sdr pkgs.openhantek6022]; + udev.packages = [ + pkgs.rtl-sdr + pkgs.openhantek6022 + ]; tlp = { enable = true; @@ -162,32 +170,38 @@ enable = true; bindings = [ { - keys = [113]; - events = ["key"]; + keys = [ 113 ]; + events = [ "key" ]; command = "/run/current-system/sw/bin/runuser -l akill -c 'amixer -q set Master toggle'"; } { - keys = [114]; - events = ["key" "rep"]; + keys = [ 114 ]; + events = [ + "key" + "rep" + ]; command = "/run/current-system/sw/bin/runuser -l akill -c 'amixer -q set Master 5%- unmute'"; } { - keys = [115]; - events = ["key" "rep"]; + keys = [ 115 ]; + events = [ + "key" + "rep" + ]; command = "/run/current-system/sw/bin/runuser -l akill -c 'amixer -q set Master 5%+ unmute'"; } { - keys = [224]; - events = ["key"]; + keys = [ 224 ]; + events = [ "key" ]; command = "${pkgs.light}/bin/light -U 5"; } { - keys = [225]; - events = ["key"]; + keys = [ 225 ]; + events = [ "key" ]; command = "${pkgs.light}/bin/light -A 5"; } ]; @@ -237,7 +251,7 @@ allowBitmaps = true; useEmbeddedBitmaps = true; defaultFonts = { - monospace = ["JetBrainsMono"]; + monospace = [ "JetBrainsMono" ]; }; }; @@ -306,6 +320,14 @@ users.users.akill = { isNormalUser = true; shell = pkgs.zsh; - extraGroups = ["wireshark" "kvm" "tty" "audio" "sound" "adbusers" "dialout"]; + extraGroups = [ + "wireshark" + "kvm" + "tty" + "audio" + "sound" + "adbusers" + "dialout" + ]; }; } diff --git a/blue/hardware-configuration.nix b/blue/hardware-configuration.nix index 5d5361e..5538d74 100644 --- a/blue/hardware-configuration.nix +++ b/blue/hardware-configuration.nix @@ -6,47 +6,77 @@ lib, modulesPath, ... -}: { +}: +{ imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ahci" + "nvme" + "usbhid" + "usb_storage" + "sd_mod" + "sr_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/disk/by-uuid/0af4dcb9-6e59-4946-87b2-0d2f14b808d4"; fsType = "btrfs"; - options = ["subvol=root" "compress=zstd" "noatime"]; + options = [ + "subvol=root" + "compress=zstd" + "noatime" + ]; }; - boot.initrd.luks.devices."enc_root".device = "/dev/disk/by-uuid/8eb8ac22-d89d-4406-bfbd-ce43e283649f"; + boot.initrd.luks.devices."enc_root".device = + "/dev/disk/by-uuid/8eb8ac22-d89d-4406-bfbd-ce43e283649f"; fileSystems."/home" = { device = "/dev/disk/by-uuid/0af4dcb9-6e59-4946-87b2-0d2f14b808d4"; fsType = "btrfs"; - options = ["subvol=home" "compress=zstd" "noatime"]; + options = [ + "subvol=home" + "compress=zstd" + "noatime" + ]; }; fileSystems."/nix" = { device = "/dev/disk/by-uuid/0af4dcb9-6e59-4946-87b2-0d2f14b808d4"; fsType = "btrfs"; - options = ["subvol=nix" "compress=zstd" "noatime"]; + options = [ + "subvol=nix" + "compress=zstd" + "noatime" + ]; }; fileSystems."/var/log" = { device = "/dev/disk/by-uuid/0af4dcb9-6e59-4946-87b2-0d2f14b808d4"; fsType = "btrfs"; - options = ["subvol=log" "compress=zstd" "noatime"]; + options = [ + "subvol=log" + "compress=zstd" + "noatime" + ]; neededForBoot = true; }; fileSystems."/persist" = { device = "/dev/disk/by-uuid/0af4dcb9-6e59-4946-87b2-0d2f14b808d4"; fsType = "btrfs"; - options = ["subvol=persist" "compress=zstd" "noatime"]; + options = [ + "subvol=persist" + "compress=zstd" + "noatime" + ]; }; fileSystems."/boot" = { @@ -54,7 +84,7 @@ fsType = "vfat"; }; - swapDevices = []; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/common/packages.nix b/common/packages.nix index 03a1e20..0da4c17 100644 --- a/common/packages.nix +++ b/common/packages.nix @@ -3,8 +3,10 @@ nix-xilinx, system, ... -}: { - environment.systemPackages = with pkgs; +}: +{ + environment.systemPackages = + with pkgs; [ acpi binutils @@ -92,5 +94,11 @@ zip z-lua ] - ++ (with nix-xilinx.packages.${system}; [vivado vitis vitis_hls model_composer xilinx-shell]); + ++ (with nix-xilinx.packages.${system}; [ + vivado + vitis + vitis_hls + model_composer + xilinx-shell + ]); } diff --git a/common/suspend.nix b/common/suspend.nix index f9da254..ba6963c 100644 --- a/common/suspend.nix +++ b/common/suspend.nix @@ -4,9 +4,11 @@ pkgs, ... }: -with lib; let +with lib; +let cfg = config.services.batteryNotifier; -in { +in +{ options = { services.batteryNotifier = { enable = mkOption { @@ -42,7 +44,7 @@ in { timerConfig.OnBootSec = "1m"; timerConfig.OnUnitInactiveSec = "1m"; timerConfig.Unit = "lowbatt.service"; - wantedBy = ["timers.target"]; + wantedBy = [ "timers.target" ]; }; systemd.user.services."lowbatt" = { description = "battery level notifier"; diff --git a/flake.nix b/flake.nix index 6d240fb..da93357 100644 --- a/flake.nix +++ b/flake.nix @@ -50,130 +50,137 @@ }; }; - outputs = inputs @ { - home-manager, - nixpkgs, - nix-xilinx, - nvim, - peerix, - project-cloud, - simple-nixos-mailserver, - sops-nix, - swaysw, - zremap, - ... - }: let - pkgs = nixpkgs.legacyPackages.x86_64-linux.pkgs; - in { - nixosConfigurations = rec { - nixy = nixpkgs.lib.nixosSystem rec { - system = "x86_64-linux"; - modules = [ - {_module.args = inputs;} - {_module.args.system = system;} - {nix.registry.nixpkgs.flake = nixpkgs;} - ./common/packages.nix - ./common/suspend.nix - ./nixy/configuration.nix - ./nixy/hardware-configuration.nix - sops-nix.nixosModules.sops - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.akill = import ./home/home.nix; - home-manager.extraSpecialArgs = {inherit inputs system;}; - home-manager.backupFileExtension = "home_backup"; - } - peerix.nixosModules.peerix - { - services.peerix = { - enable = true; - globalCacheTTL = 10; - package = peerix.packages.x86_64-linux.peerix; - openFirewall = true; # UDP/12304 - privateKeyFile = nixy.config.sops.secrets."peerix/private".path; - publicKeyFile = ./nixy/peerix-public; - publicKey = "peerix-mediabox:UDgG3xdQYv7bmx2l4ZPNRPJtp2zMmY++H/fnGeJ9BQw="; - }; - } - ]; + outputs = + inputs@{ + home-manager, + nixpkgs, + nix-xilinx, + nvim, + peerix, + project-cloud, + simple-nixos-mailserver, + sops-nix, + swaysw, + zremap, + ... + }: + let + pkgs = nixpkgs.legacyPackages.x86_64-linux.pkgs; + in + { + nixosConfigurations = rec { + nixy = nixpkgs.lib.nixosSystem rec { + system = "x86_64-linux"; + modules = [ + { _module.args = inputs; } + { _module.args.system = system; } + { nix.registry.nixpkgs.flake = nixpkgs; } + ./common/packages.nix + ./common/suspend.nix + ./nixy/configuration.nix + ./nixy/hardware-configuration.nix + sops-nix.nixosModules.sops + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.akill = import ./home/home.nix; + home-manager.extraSpecialArgs = { inherit inputs system; }; + home-manager.backupFileExtension = "home_backup"; + } + peerix.nixosModules.peerix + { + services.peerix = { + enable = true; + globalCacheTTL = 10; + package = peerix.packages.x86_64-linux.peerix; + openFirewall = true; # UDP/12304 + privateKeyFile = nixy.config.sops.secrets."peerix/private".path; + publicKeyFile = ./nixy/peerix-public; + publicKey = "peerix-mediabox:UDgG3xdQYv7bmx2l4ZPNRPJtp2zMmY++H/fnGeJ9BQw="; + }; + } + ]; + }; + + mediabox = nixpkgs.lib.nixosSystem rec { + system = "x86_64-linux"; + modules = [ + { _module.args = inputs; } + { _module.args.system = system; } + { nix.registry.nixpkgs.flake = nixpkgs; } + ./common/packages.nix + ./common/suspend.nix + ./mediabox/configuration.nix + ./mediabox/hardware-configuration.nix + ./modules/qbittorrent.nix + sops-nix.nixosModules.sops + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.akill = import ./home/home.nix; + home-manager.extraSpecialArgs = { inherit inputs system; }; + } + peerix.nixosModules.peerix + { + services.peerix = { + enable = true; + globalCacheTTL = 10; + package = peerix.packages.x86_64-linux.peerix; + openFirewall = true; # UDP/12304 + privateKeyFile = mediabox.config.sops.secrets."peerix/private".path; + publicKeyFile = ./mediabox/peerix-public; + publicKey = "peerix-nixy:8THqS0R2zWF/47ai0RFmqJnieYTZ1jaWOD9tnzpvA6s="; + }; + } + ]; + }; + + blue = nixpkgs.lib.nixosSystem rec { + system = "x86_64-linux"; + modules = [ + { _module.args = inputs; } + { _module.args.system = system; } + { nix.registry.nixpkgs.flake = nixpkgs; } + ./blue/configuration.nix + ./blue/hardware-configuration.nix + ./common/packages.nix + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.akill = import ./home/home.nix; + home-manager.extraSpecialArgs = { inherit inputs system; }; + } + ]; + }; + magpie = nixpkgs.lib.nixosSystem rec { + system = "aarch64-linux"; + modules = [ + { _module.args = inputs; } + { _module.args.system = system; } + { nix.registry.nixpkgs.flake = nixpkgs; } + ./magpie/configuration.nix + ./magpie/hardware-configuration.nix + simple-nixos-mailserver.nixosModule + sops-nix.nixosModules.sops + (builtins.toPath "${nixpkgs}/nixos/modules/profiles/qemu-guest.nix") + ]; + }; }; - mediabox = nixpkgs.lib.nixosSystem rec { - system = "x86_64-linux"; - modules = [ - {_module.args = inputs;} - {_module.args.system = system;} - {nix.registry.nixpkgs.flake = nixpkgs;} - ./common/packages.nix - ./common/suspend.nix - ./mediabox/configuration.nix - ./mediabox/hardware-configuration.nix - ./modules/qbittorrent.nix - sops-nix.nixosModules.sops - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.akill = import ./home/home.nix; - home-manager.extraSpecialArgs = {inherit inputs system;}; - } - peerix.nixosModules.peerix - { - services.peerix = { - enable = true; - globalCacheTTL = 10; - package = peerix.packages.x86_64-linux.peerix; - openFirewall = true; # UDP/12304 - privateKeyFile = mediabox.config.sops.secrets."peerix/private".path; - publicKeyFile = ./mediabox/peerix-public; - publicKey = "peerix-nixy:8THqS0R2zWF/47ai0RFmqJnieYTZ1jaWOD9tnzpvA6s="; - }; - } + devShell.x86_64-linux = pkgs.mkShell { + buildInputs = with pkgs; [ + sops + ssh-to-age + age ]; + shellHook = '' + echo "Configuring NixOS!" + ''; }; - blue = nixpkgs.lib.nixosSystem rec { - system = "x86_64-linux"; - modules = [ - {_module.args = inputs;} - {_module.args.system = system;} - {nix.registry.nixpkgs.flake = nixpkgs;} - ./blue/configuration.nix - ./blue/hardware-configuration.nix - ./common/packages.nix - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.akill = import ./home/home.nix; - home-manager.extraSpecialArgs = {inherit inputs system;}; - } - ]; - }; - magpie = nixpkgs.lib.nixosSystem rec { - system = "aarch64-linux"; - modules = [ - {_module.args = inputs;} - {_module.args.system = system;} - {nix.registry.nixpkgs.flake = nixpkgs;} - ./magpie/configuration.nix - ./magpie/hardware-configuration.nix - simple-nixos-mailserver.nixosModule - sops-nix.nixosModules.sops - (builtins.toPath "${nixpkgs}/nixos/modules/profiles/qemu-guest.nix") - ]; - }; + formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.alejandra; }; - - devShell.x86_64-linux = pkgs.mkShell { - buildInputs = with pkgs; [sops ssh-to-age age]; - shellHook = '' - echo "Configuring NixOS!" - ''; - }; - - formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.alejandra; - }; } diff --git a/home/home.nix b/home/home.nix index 6ef7a26..9bd4e5f 100644 --- a/home/home.nix +++ b/home/home.nix @@ -2,12 +2,21 @@ lib, pkgs, ... -}: let +}: +let qutebrowser_firejail = pkgs.writeShellScriptBin "qutebrowser" '' firejail -- ${lib.getExe pkgs.qutebrowser} "$@" ''; -in { - imports = [./zsh.nix ./i3status-rust.nix ./sway.nix ./i3.nix ./home_packages.nix ./whatsapp-for-linux.nix]; +in +{ + imports = [ + ./zsh.nix + ./i3status-rust.nix + ./sway.nix + ./i3.nix + ./home_packages.nix + ./whatsapp-for-linux.nix + ]; home.stateVersion = "22.11"; home.username = "akill"; @@ -41,7 +50,9 @@ in { WLR_RENDERER = "vulkan"; }; - wayland.windowManager.sway = {enable = true;}; + wayland.windowManager.sway = { + enable = true; + }; programs = { home-manager.enable = true; @@ -60,7 +71,11 @@ in { clock24 = true; keyMode = "vi"; terminal = "screen-256color"; - plugins = with pkgs.tmuxPlugins; [sysstat net-speed gruvbox]; + plugins = with pkgs.tmuxPlugins; [ + sysstat + net-speed + gruvbox + ]; }; mpv = { @@ -137,7 +152,9 @@ in { font = "JetBrainsMono:size=10"; dpi-aware = "yes"; }; - mouse = {hide-when-typing = "yes";}; + mouse = { + hide-when-typing = "yes"; + }; }; }; @@ -183,8 +200,12 @@ in { userEmail = "asmir.abdulahovic@gmail.com"; extraConfig = { init.defaultBranch = "master"; - pull = {rebase = true;}; - credential = {helper = "store";}; + pull = { + rebase = true; + }; + credential = { + helper = "store"; + }; }; signing.key = "020C42B7A9ABA3E2"; signing.signByDefault = true; @@ -192,7 +213,14 @@ in { obs-studio = { enable = true; - plugins = with pkgs.obs-studio-plugins; [obs-vkcapture input-overlay obs-multi-rtmp obs-pipewire-audio-capture wlrobs obs-vaapi]; + plugins = with pkgs.obs-studio-plugins; [ + obs-vkcapture + input-overlay + obs-multi-rtmp + obs-pipewire-audio-capture + wlrobs + obs-vaapi + ]; }; i3status-rust.enable = true; @@ -220,36 +248,38 @@ in { enableSshSupport = true; }; - swayidle = let - locker = pkgs.writeShellScriptBin "swaylock_fancy" '' - TMP_FILE=$(${pkgs.coreutils}/bin/mktemp /tmp/.swaylock_ss_XXXXXX.jpg) - ${lib.getExe pkgs.grim} -t ppm - | ${pkgs.imagemagick}/bin/convert - -blur 0x12 "$TMP_FILE" - ${lib.getExe pkgs.swaylock} -f -i "$TMP_FILE" - ${pkgs.coreutils}/bin/rm "$TMP_FILE" - ''; - in { - enable = true; - events = [ - { - event = "before-sleep"; - command = "${locker}/bin/swaylock_fancy"; - } - { - event = "lock"; - command = "${locker}/bin/swaylock_fancy"; - } - { - event = "after-resume"; - command = "${pkgs.procps}/bin/pkill -USR1 i3status-rs"; - } - ]; - timeouts = [ - { - timeout = 15 * 60; - command = "${locker}/bin/swaylock_fancy"; - } - ]; - }; + swayidle = + let + locker = pkgs.writeShellScriptBin "swaylock_fancy" '' + TMP_FILE=$(${pkgs.coreutils}/bin/mktemp /tmp/.swaylock_ss_XXXXXX.jpg) + ${lib.getExe pkgs.grim} -t ppm - | ${pkgs.imagemagick}/bin/convert - -blur 0x12 "$TMP_FILE" + ${lib.getExe pkgs.swaylock} -f -i "$TMP_FILE" + ${pkgs.coreutils}/bin/rm "$TMP_FILE" + ''; + in + { + enable = true; + events = [ + { + event = "before-sleep"; + command = "${locker}/bin/swaylock_fancy"; + } + { + event = "lock"; + command = "${locker}/bin/swaylock_fancy"; + } + { + event = "after-resume"; + command = "${pkgs.procps}/bin/pkill -USR1 i3status-rs"; + } + ]; + timeouts = [ + { + timeout = 15 * 60; + command = "${locker}/bin/swaylock_fancy"; + } + ]; + }; kanshi = { enable = true; @@ -286,17 +316,17 @@ in { systemd.user = { services = { /* - himalaya = { - Unit.Description = "Himalaya new messages notifier"; - Service = { - ExecStart = "himalaya notify"; - Restart = "always"; - RestartSec = 10; - }; - Install = { - WantedBy = [ "multi-user.target" ]; - }; - }; + himalaya = { + Unit.Description = "Himalaya new messages notifier"; + Service = { + ExecStart = "himalaya notify"; + Restart = "always"; + RestartSec = 10; + }; + Install = { + WantedBy = [ "multi-user.target" ]; + }; + }; */ }; }; diff --git a/home/home_packages.nix b/home/home_packages.nix index 30bddea..e450586 100644 --- a/home/home_packages.nix +++ b/home/home_packages.nix @@ -4,7 +4,8 @@ inputs, system, ... -}: let +}: +let chromium_teams = pkgs.writeShellScriptBin "chromium_teams" '' ${lib.getExe pkgs.ungoogled-chromium} --socket=wayland org.chromium.Chromium --app=https://teams.microsoft.com/ ''; @@ -25,9 +26,10 @@ PROXY_PORT="1337" ${lib.getExe pkgs.openssh} -D "$PROXY_PORT" -q -N "$@" ''; - wrap_sh = let - bubblewrap = pkgs.callPackage ../packages/bubblewrap/default.nix {}; - in + wrap_sh = + let + bubblewrap = pkgs.callPackage ../packages/bubblewrap/default.nix { }; + in pkgs.writeShellScriptBin "wrap.sh" '' if ${pkgs.coreutils-full}/bin/test $# -ne 1; then echo "Usage: $0 " @@ -41,8 +43,10 @@ --tmp-overlay "$FULL_PATH" \ "$SHELL" ''; -in { - home.packages = with pkgs; +in +{ + home.packages = + with pkgs; [ anydesk appimage-run @@ -57,7 +61,7 @@ in { ungoogled-chromium cmake compsize - /*cura*/ + # cura deluge dfu-util discord @@ -153,7 +157,7 @@ in { yt-dlp zapzap zathura - /*zeal-qt6*/ + # zeal-qt6 zig ] ++ [ @@ -166,7 +170,7 @@ in { ] ++ [ inputs.swaysw.packages.${system}.swaysw - (pkgs.callPackage ../packages/viber/default.nix {}) - (pkgs.callPackage ../packages/bubblewrap/default.nix {}) + (pkgs.callPackage ../packages/viber/default.nix { }) + (pkgs.callPackage ../packages/bubblewrap/default.nix { }) ]; } diff --git a/home/i3.nix b/home/i3.nix index 37d34c6..d822437 100644 --- a/home/i3.nix +++ b/home/i3.nix @@ -2,9 +2,11 @@ lib, pkgs, ... -}: let +}: +let scratchpad_cmd = "floating enable, resize set 1502 845, move position center, move scratchpad, scratchpad show"; -in { +in +{ xsession.windowManager.i3 = { enable = true; package = pkgs.i3; @@ -53,24 +55,28 @@ in { "${modifier}+Escape" = "workspace back_and_forth"; "${modifier}+p" = "exec ${pkgs.dmenu}/bin/dmenu_run"; - "Mod4+l" = "exec i3-msg [instance=\"python3_scr\"] scratchpad show || exec alacritty --class python3_scr -e python3"; + "Mod4+l" = + "exec i3-msg [instance=\"python3_scr\"] scratchpad show || exec alacritty --class python3_scr -e python3"; "Mod4+j" = "exec i3-msg [class=\"ViberPC\"] scratchpad show || exec viber"; "Mod4+m" = "exec i3-msg [class=\"Thunderbird\"] scratchpad show || exec thunderbird"; - "Mod4+y" = "exec i3-msg [instance=\"pulsemixer_scr\"] scratchpad show || exec alacritty --class pulsemixer_scr -e pulsemixer"; + "Mod4+y" = + "exec i3-msg [instance=\"pulsemixer_scr\"] scratchpad show || exec alacritty --class pulsemixer_scr -e pulsemixer"; }; window = { - /* - border = 4; - */ + # border = 4; commands = [ { command = scratchpad_cmd; - criteria = {instance = "pulsemixer_scr|python3_scr";}; + criteria = { + instance = "pulsemixer_scr|python3_scr"; + }; } { command = scratchpad_cmd; - criteria = {class = "Thunderbird";}; + criteria = { + class = "Thunderbird"; + }; } { command = scratchpad_cmd; @@ -81,7 +87,9 @@ in { } { command = "focus child, layout tabbed, focus"; - criteria = {class = "qutebrowser";}; + criteria = { + class = "qutebrowser"; + }; } ]; }; @@ -90,7 +98,10 @@ in { { position = "top"; fonts = { - names = ["DejaVu Sans Mono" "FontAwesome5Free"]; + names = [ + "DejaVu Sans Mono" + "FontAwesome5Free" + ]; style = "Fixed Bold SemiCondensed"; size = 7.0; }; diff --git a/home/i3status-rust.nix b/home/i3status-rust.nix index f49df7f..92899b5 100644 --- a/home/i3status-rust.nix +++ b/home/i3status-rust.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ programs.i3status-rust = { bars.top = { icons = "awesome5"; diff --git a/home/sway.nix b/home/sway.nix index 9d61fc6..faa9d55 100644 --- a/home/sway.nix +++ b/home/sway.nix @@ -4,7 +4,8 @@ system, lib, ... -}: let +}: +let cliphist_sway = pkgs.writeShellScriptBin "cliphist_sway" '' ${lib.getExe pkgs.cliphist} list | \ ${lib.getExe pkgs.wofi} --dmenu --insensitive | \ @@ -16,9 +17,10 @@ ${lib.getExe pkgs.grim} -g "$GEOM" - | ${pkgs.wl-clipboard}/bin/wl-copy ''; swaysw = inputs.swaysw.packages.${system}.swaysw; - viber = pkgs.callPackage ../packages/viber/default.nix {}; + viber = pkgs.callPackage ../packages/viber/default.nix { }; term = "${pkgs.foot}/bin/footclient"; -in { +in +{ wayland.windowManager.sway = { enable = true; extraSessionCommands = ""; @@ -26,7 +28,7 @@ in { config = { fonts = { - names = ["JetBrainsMono"]; + names = [ "JetBrainsMono" ]; style = "Bold Semi-Condensed"; size = 11.0; }; @@ -34,15 +36,21 @@ in { window.commands = [ { command = "move scratchpad, resize set 1152 648"; - criteria = {app_id = "pulsemixer|python3|com.rtosta.zapzap|whatsapp-for-linux|com.viber";}; + criteria = { + app_id = "pulsemixer|python3|com.rtosta.zapzap|whatsapp-for-linux|com.viber"; + }; } { command = "move scratchpad, resize set 1502 845"; - criteria = {app_id = "com.viber";}; + criteria = { + app_id = "com.viber"; + }; } { command = "floating enable"; - criteria = {app_id = "sws_cli";}; + criteria = { + app_id = "sws_cli"; + }; } ]; @@ -50,8 +58,8 @@ in { output = { eDP-1 = { /* - bg = "~/pic/wallpaper stretch"; - scale = "1.4"; + bg = "~/pic/wallpaper stretch"; + scale = "1.4"; */ }; @@ -61,16 +69,25 @@ in { }; input = { - "type:keyboard" = {repeat_delay = "150";}; - "type:keyboard" = {repeat_rate = "70";}; - "type:touchpad" = {tap = "enabled";}; + "type:keyboard" = { + repeat_delay = "150"; + }; + "type:keyboard" = { + repeat_rate = "70"; + }; + "type:touchpad" = { + tap = "enabled"; + }; }; bars = [ { position = "top"; fonts = { - names = ["Iosevka" "FontAwesome"]; + names = [ + "Iosevka" + "FontAwesome" + ]; style = "Bold Semi-Condensed"; size = 12.0; }; @@ -124,12 +141,14 @@ in { "Alt+bracketright" = "focus output right"; "Alt+bracketleft" = "focus output left"; - "Mod4+l" = '' - exec ${pkgs.sway}/bin/swaymsg [app_id="python3"] scratchpad show || exec ${term} -a python3 ${lib.getExe pkgs.python3}''; - "Mod4+j" = "exec ${pkgs.sway}/bin/swaymsg [app_id=com.rtosta.zapzap] scratchpad show || exec ${lib.getExe pkgs.zapzap}"; - "Mod4+h" = "exec ${pkgs.sway}/bin/swaymsg [app_id=com.viber] scratchpad show || exec ${viber}/bin/viber"; - "Mod4+y" = '' - exec ${pkgs.sway}/bin/swaymsg [app_id="pulsemixer"] scratchpad show || exec ${term} -a pulsemixer ${lib.getExe pkgs.pulsemixer}''; + "Mod4+l" = + ''exec ${pkgs.sway}/bin/swaymsg [app_id="python3"] scratchpad show || exec ${term} -a python3 ${lib.getExe pkgs.python3}''; + "Mod4+j" = + "exec ${pkgs.sway}/bin/swaymsg [app_id=com.rtosta.zapzap] scratchpad show || exec ${lib.getExe pkgs.zapzap}"; + "Mod4+h" = + "exec ${pkgs.sway}/bin/swaymsg [app_id=com.viber] scratchpad show || exec ${viber}/bin/viber"; + "Mod4+y" = + ''exec ${pkgs.sway}/bin/swaymsg [app_id="pulsemixer"] scratchpad show || exec ${term} -a pulsemixer ${lib.getExe pkgs.pulsemixer}''; "Mod4+p" = "exec ${lib.getExe pkgs.tessen} -a copy"; }; }; diff --git a/home/whatsapp-for-linux.nix b/home/whatsapp-for-linux.nix index 630c6c0..4db37a8 100644 --- a/home/whatsapp-for-linux.nix +++ b/home/whatsapp-for-linux.nix @@ -1,7 +1,8 @@ -{lib, ...}: -with lib; { +{ lib, ... }: +with lib; +{ xdg.configFile."whatsapp-for-linux/settings.conf".source = builtins.toFile "settings.conf" ( - generators.toINI {} { + generators.toINI { } { General = { zoom_level = 1; close_to_tray = false; diff --git a/home/zsh.nix b/home/zsh.nix index 74c88ed..c2c438d 100644 --- a/home/zsh.nix +++ b/home/zsh.nix @@ -1,4 +1,5 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ programs.z-lua = { enableAliases = true; enableZshIntegration = true; @@ -63,45 +64,45 @@ file = "sudo.plugin.zsh"; } { - name = "zsh-fast-syntax-highlighting"; - src = pkgs.zsh-fast-syntax-highlighting; - file = "share/zsh/site-functions/fast-syntax-highlighting.plugin.zsh"; + name = "zsh-fast-syntax-highlighting"; + src = pkgs.zsh-fast-syntax-highlighting; + file = "share/zsh/site-functions/fast-syntax-highlighting.plugin.zsh"; } ]; envExtra = ''''; initExtra = '' - # binds - bindkey '^K' fzf-file-widget + # binds + bindkey '^K' fzf-file-widget - # options - setopt nobeep - setopt nopromptcr - setopt c_bases - setopt completeinword - setopt completealiases - setopt notify + # options + setopt nobeep + setopt nopromptcr + setopt c_bases + setopt completeinword + setopt completealiases + setopt notify - # - RPS1="" + # + RPS1="" - # - function chpwd() { - ls; - } + # + function chpwd() { + ls; + } - eval "$(direnv hook zsh)" - zstyle ':completion:*' matcher-list 'm:{a-z}={A-Za-z}' + eval "$(direnv hook zsh)" + zstyle ':completion:*' matcher-list 'm:{a-z}={A-Za-z}' - if [[ -n "$PS1" ]] && [[ -z "$TMUX" ]] && [[ -n "$SSH_CONNECTION" ]]; then - TMUX_EXE="${pkgs.tmux}/bin/tmux" - systemd-run --scope --user $TMUX_EXE attach-session -t $USER || systemd-run --scope --user $TMUX_EXE new-session -s $USER - fi + if [[ -n "$PS1" ]] && [[ -z "$TMUX" ]] && [[ -n "$SSH_CONNECTION" ]]; then + TMUX_EXE="${pkgs.tmux}/bin/tmux" + systemd-run --scope --user $TMUX_EXE attach-session -t $USER || systemd-run --scope --user $TMUX_EXE new-session -s $USER + fi - if [[ -n "$BUBBLEWRAP_DIR" ]]; then - RPS1="{{$BUBBLEWRAP_DIR}}" - fi + if [[ -n "$BUBBLEWRAP_DIR" ]]; then + RPS1="{{$BUBBLEWRAP_DIR}}" + fi ''; }; } diff --git a/magpie/configuration.nix b/magpie/configuration.nix index 07fff82..a686453 100644 --- a/magpie/configuration.nix +++ b/magpie/configuration.nix @@ -6,11 +6,15 @@ nvim, system, ... -}: { - imports = []; +}: +{ + imports = [ ]; nix.optimise.automatic = true; - nix.settings.experimental-features = ["nix-command" "flakes"]; + nix.settings.experimental-features = [ + "nix-command" + "flakes" + ]; system.switch = { enable = false; enableNg = true; @@ -21,7 +25,10 @@ boot.loader.systemd-boot.configurationLimit = 2; boot.loader.efi.canTouchEfiVariables = true; boot.kernelPackages = pkgs.linuxPackages_latest; - boot.kernelParams = ["ip=dhcp" "console=tty"]; + boot.kernelParams = [ + "ip=dhcp" + "console=tty" + ]; boot.kernel.sysctl = { "net.core.default_qdisc" = "fq"; "net.ipv4.tcp_congestion_control" = "bbr"; @@ -29,14 +36,17 @@ boot.initrd = { compressor = "zstd"; - availableKernelModules = ["virtio-pci" "virtio-gpu"]; + availableKernelModules = [ + "virtio-pci" + "virtio-gpu" + ]; systemd.enable = true; network = { enable = true; ssh = { enable = true; - hostKeys = [/etc/ssh_dummy_ed25519_key]; - authorizedKeyFiles = [../nixy/ssh_pubkey]; + hostKeys = [ /etc/ssh_dummy_ed25519_key ]; + authorizedKeyFiles = [ ../nixy/ssh_pubkey ]; }; }; }; @@ -74,7 +84,7 @@ enable = true; debug = false; fqdn = "mail.project-cloud.net"; - domains = ["project-cloud.net"]; + domains = [ "project-cloud.net" ]; enableSubmissionSsl = true; enableImap = false; enableImapSsl = true; @@ -84,11 +94,11 @@ loginAccounts = { "gitea@project-cloud.net" = { hashedPasswordFile = config.sops.secrets."gitea_mail_pw_hash".path; - aliases = ["git@project-cloud.net"]; + aliases = [ "git@project-cloud.net" ]; }; "asmir@project-cloud.net" = { hashedPasswordFile = config.sops.secrets."asmir_mail_pw_hash".path; - aliases = ["asmir.abdulahovic@project-cloud.net"]; + aliases = [ "asmir.abdulahovic@project-cloud.net" ]; }; }; certificateScheme = "acme-nginx"; @@ -170,12 +180,12 @@ }; /* - virtualHosts.${config.services.nextcloud.hostName} = { - quic = true; - http3 = true; - forceSSL = true; - enableACME = true; - }; + virtualHosts.${config.services.nextcloud.hostName} = { + quic = true; + http3 = true; + forceSSL = true; + enableACME = true; + }; */ virtualHosts."miniflux.project-cloud.net" = { @@ -236,15 +246,21 @@ REGISTER_EMAIL_CONFIRM = true; }; - settings."markup.restructuredtext" = let - docutils = - pkgs.python3.withPackages (ps: with ps; [docutils pygments]); - in { - ENABLED = true; - FILE_EXTENSIONS = ".rst"; - RENDER_COMMAND = "${docutils}/bin/rst2html.py"; - IS_INPUT_FILE = false; - }; + settings."markup.restructuredtext" = + let + docutils = pkgs.python3.withPackages ( + ps: with ps; [ + docutils + pygments + ] + ); + in + { + ENABLED = true; + FILE_EXTENSIONS = ".rst"; + RENDER_COMMAND = "${docutils}/bin/rst2html.py"; + IS_INPUT_FILE = false; + }; }; services.nfs.server.enable = false; @@ -262,7 +278,7 @@ paths = [ "/var/lib/gitea" ]; - exclude = []; + exclude = [ ]; repo = "ssh://na9fqv67@na9fqv67.repo.borgbase.com/./repo"; encryption = { mode = "repokey-blake2"; @@ -279,12 +295,10 @@ adminEmail = "asmir.abdulahovic" + "@" + "gmail.com"; }; - /* - needed for sendmail mail functionality - */ - users.users.gitea.extraGroups = ["postdrop"]; + # needed for sendmail mail functionality + users.users.gitea.extraGroups = [ "postdrop" ]; systemd.services.gitea.serviceConfig = { - RestrictAddressFamilies = ["AF_NETLINK"]; + RestrictAddressFamilies = [ "AF_NETLINK" ]; ProtectSystem = lib.mkForce false; }; @@ -294,7 +308,7 @@ }; sops = { - age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; + age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; secrets = { "asmir_mail_pw_hash".sopsFile = ./secrets/asmir_mail_pw_hash.yaml; "borgbase_enc_key".sopsFile = ./secrets/borgbase_enc_key.yaml; @@ -310,10 +324,10 @@ owner = config.users.users.gitea.name; }; /* - "nextcloud_admin" = { - sopsFile = ./secrets/nextcloud_admin.yaml; - owner = config.users.users.nextcloud.name; - }; + "nextcloud_admin" = { + sopsFile = ./secrets/nextcloud_admin.yaml; + owner = config.users.users.nextcloud.name; + }; */ }; }; @@ -321,21 +335,29 @@ networking.hostName = "magpie"; networking.firewall.enable = true; - networking.firewall.allowedTCPPorts = [80 443 587 2049]; # http, mail, mail, nfs - networking.firewall.allowedUDPPorts = [443 51820]; #mail, wireguard + networking.firewall.allowedTCPPorts = [ + 80 + 443 + 587 + 2049 + ]; # http, mail, mail, nfs + networking.firewall.allowedUDPPorts = [ + 443 + 51820 + ]; # mail, wireguard networking.firewall.allowPing = true; networking.firewall.logRefusedConnections = lib.mkDefault false; networking.nat.enable = true; networking.nat.externalInterface = "enp1s0"; - networking.nat.internalInterfaces = ["wg0"]; + networking.nat.internalInterfaces = [ "wg0" ]; networking.networkmanager.enable = true; networking.wireless.enable = false; networking.wireguard.interfaces = { wg0 = { - ips = ["10.100.0.1/24"]; + ips = [ "10.100.0.1/24" ]; listenPort = 51820; # This allows the wireguard server to route your traffic to the internet and hence be like a VPN @@ -353,17 +375,17 @@ { publicKey = builtins.readFile ../nixy/wg_pubkey; presharedKeyFile = config.sops.secrets."wg_preshared/nixy".path; - allowedIPs = ["10.100.0.6/32"]; + allowedIPs = [ "10.100.0.6/32" ]; } { publicKey = builtins.readFile ../mediabox/wg_pubkey; presharedKeyFile = config.sops.secrets."wg_preshared/mediabox".path; - allowedIPs = ["10.100.0.5/32"]; + allowedIPs = [ "10.100.0.5/32" ]; } { publicKey = builtins.readFile ../common/wg_pubkey_workstation; presharedKeyFile = config.sops.secrets."wg_preshared/workstation".path; - allowedIPs = ["10.100.0.4/32"]; + allowedIPs = [ "10.100.0.4/32" ]; } ]; }; diff --git a/magpie/hardware-configuration.nix b/magpie/hardware-configuration.nix index 3b9f2a4..dd1521f 100644 --- a/magpie/hardware-configuration.nix +++ b/magpie/hardware-configuration.nix @@ -5,15 +5,21 @@ lib, modulesPath, ... -}: { +}: +{ imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = ["xhci_pci" "virtio_pci" "usbhid" "sr_mod"]; - boot.initrd.kernelModules = []; - boot.kernelModules = []; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "virtio_pci" + "usbhid" + "sr_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/disk/by-uuid/118de1e5-f23e-4af3-a10a-054eded78152"; @@ -25,7 +31,7 @@ fsType = "vfat"; }; - swapDevices = []; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/mediabox/configuration.nix b/mediabox/configuration.nix index f08955e..9a9ad23 100644 --- a/mediabox/configuration.nix +++ b/mediabox/configuration.nix @@ -8,13 +8,14 @@ system, nvim, ... -}: { - imports = []; +}: +{ + imports = [ ]; system.stateVersion = "23.05"; system.autoUpgrade.enable = false; - sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; + sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; sops.secrets."peerix/private" = { sopsFile = ./secrets/peerix.yaml; mode = "0400"; @@ -36,28 +37,31 @@ gc.options = "--delete-older-than 7d"; package = pkgs.nixVersions.latest; settings = { - experimental-features = ["nix-command" "flakes"]; + experimental-features = [ + "nix-command" + "flakes" + ]; }; }; boot = { initrd = { compressor = "zstd"; - availableKernelModules = ["e1000e"]; + availableKernelModules = [ "e1000e" ]; network = { enable = true; udhcpc.enable = true; ssh = { enable = true; - hostKeys = [/etc/ssh_dummy_ed25519_key]; - authorizedKeys = [(builtins.readFile ../nixy/ssh_pubkey)]; + hostKeys = [ /etc/ssh_dummy_ed25519_key ]; + authorizedKeys = [ (builtins.readFile ../nixy/ssh_pubkey) ]; }; }; }; - kernelModules = ["acpi_call"]; + kernelModules = [ "acpi_call" ]; kernelPackages = pkgs.linuxPackages_latest; - kernelParams = ["msr.allow_writes=on"]; + kernelParams = [ "msr.allow_writes=on" ]; kernel.sysctl = { "net.core.default_qdisc" = "fq"; "net.ipv4.tcp_congestion_control" = "bbr"; @@ -68,7 +72,7 @@ memtest86.enable = true; }; readOnlyNixStore = true; - supportedFilesystems = ["btrfs"]; + supportedFilesystems = [ "btrfs" ]; tmp.useTmpfs = true; tmp.tmpfsSize = "80%"; }; @@ -89,7 +93,11 @@ networking = { firewall = { enable = true; - allowedTCPPorts = [80 443 51820]; + allowedTCPPorts = [ + 80 + 443 + 51820 + ]; }; hostName = "mediabox"; @@ -97,8 +105,11 @@ interfaces.wlp3s0.useDHCP = false; useDHCP = false; wireless.enable = false; - wireless.interfaces = ["wlp3s0"]; - nameservers = ["127.0.0.1" "::1"]; + wireless.interfaces = [ "wlp3s0" ]; + nameservers = [ + "127.0.0.1" + "::1" + ]; dhcpcd.extraConfig = "nohook resolv.conf"; networkmanager.dns = "none"; extraHosts = '' @@ -112,13 +123,13 @@ wireguard.interfaces = { wg0 = { - ips = ["10.100.0.5/24"]; + ips = [ "10.100.0.5/24" ]; privateKeyFile = config.sops.secrets."wg_privkey".path; peers = [ { publicKey = builtins.readFile ../magpie/wg_pubkey; presharedKeyFile = config.sops.secrets."wg_preshared/mediabox".path; - allowedIPs = ["10.100.0.0/24"]; + allowedIPs = [ "10.100.0.0/24" ]; endpoint = "5.75.229.224:51820"; persistentKeepalive = 25; } @@ -130,7 +141,7 @@ time.timeZone = "Europe/Sarajevo"; nixpkgs.config.allowUnfree = true; - nixpkgs.overlays = [nvim.overlays.${system}.overlay]; + nixpkgs.overlays = [ nvim.overlays.${system}.overlay ]; environment = { homeBinInPath = true; variables = { @@ -153,13 +164,13 @@ systemd = { services = { "macchanger-wireless" = { - after = ["sys-subsystem-net-devices-wlp3s0.device"]; - before = ["network-pre.target"]; - bindsTo = ["sys-subsystem-net-devices-wlp3s0.device"]; + after = [ "sys-subsystem-net-devices-wlp3s0.device" ]; + before = [ "network-pre.target" ]; + bindsTo = [ "sys-subsystem-net-devices-wlp3s0.device" ]; description = "Changes MAC of my wireless interface for privacy reasons"; stopIfChanged = false; - wantedBy = ["multi-user.target"]; - wants = ["network-pre.target"]; + wantedBy = [ "multi-user.target" ]; + wants = [ "network-pre.target" ]; script = '' ${pkgs.macchanger}/bin/macchanger -e wlp3s0 || true ''; @@ -168,8 +179,8 @@ "zremap" = { description = "Intercepts keyboard udev events"; - wants = ["systemd-udevd.service"]; - wantedBy = ["multi-user.target"]; + wants = [ "systemd-udevd.service" ]; + wantedBy = [ "multi-user.target" ]; serviceConfig.Nice = -20; script = '' sleep 1 @@ -180,26 +191,30 @@ "wakeonlan" = { description = "Reenable wake on lan every boot"; - after = ["network.target"]; + after = [ "network.target" ]; serviceConfig = { Type = "oneshot"; ExecStart = "${pkgs.ethtool}/sbin/ethtool -s enp0s25 wol m"; }; - wantedBy = ["default.target" "suspend.target" "shutdown.target"]; + wantedBy = [ + "default.target" + "suspend.target" + "shutdown.target" + ]; }; /* - "cpu_setting" = { - description = "Enable turboot boost and undervolt cpu after suspend"; - wantedBy = ["post-resume.target" "multi-user.target"]; - after = ["post-resume.target"]; - script = '' - echo 1 > /sys/devices/system/cpu/intel_pstate/no_turbo - echo 0 > /sys/devices/system/cpu/intel_pstate/no_turbo - ${pkgs.undervolt}/bin/undervolt --core -105 --cache -105 --uncore -105 --gpu -15 -p1 47 28 -p2 57 0.0025 - ''; - serviceConfig.Type = "oneshot"; - }; + "cpu_setting" = { + description = "Enable turboot boost and undervolt cpu after suspend"; + wantedBy = ["post-resume.target" "multi-user.target"]; + after = ["post-resume.target"]; + script = '' + echo 1 > /sys/devices/system/cpu/intel_pstate/no_turbo + echo 0 > /sys/devices/system/cpu/intel_pstate/no_turbo + ${pkgs.undervolt}/bin/undervolt --core -105 --cache -105 --uncore -105 --gpu -15 -p1 47 28 -p2 57 0.0025 + ''; + serviceConfig.Type = "oneshot"; + }; */ }; }; @@ -313,39 +328,45 @@ windowManager.icewm.enable = true; }; - udev.packages = []; + udev.packages = [ ]; tlp = { enable = true; - settings = {}; + settings = { }; }; actkbd = { enable = true; bindings = [ { - keys = [121]; - events = ["key"]; + keys = [ 121 ]; + events = [ "key" ]; command = "${pkgs.alsaUtils}/bin/amixer -q set Master toggle"; } { - keys = [122]; - events = ["key" "rep"]; + keys = [ 122 ]; + events = [ + "key" + "rep" + ]; command = "${pkgs.alsaUtils}/bin/amixer -q set Master ${config.sound.mediaKeys.volumeStep}- unmute"; } { - keys = [123]; - events = ["key" "rep"]; + keys = [ 123 ]; + events = [ + "key" + "rep" + ]; command = "${pkgs.alsaUtils}/bin/amixer -q set Master ${config.sound.mediaKeys.volumeStep}+ unmute"; } { - keys = [224]; - events = ["key"]; + keys = [ 224 ]; + events = [ "key" ]; command = "/run/current-system/sw/bin/light -U 5"; } { - keys = [225]; - events = ["key"]; + keys = [ 225 ]; + events = [ "key" ]; command = "/run/current-system/sw/bin/light -A 5"; } ]; @@ -438,7 +459,16 @@ users.users.akill = { isNormalUser = true; shell = pkgs.zsh; - extraGroups = ["wireshark" "wheel" "kvm" "tty" "audio" "sound" "adbusers" "transmission"]; + extraGroups = [ + "wireshark" + "wheel" + "kvm" + "tty" + "audio" + "sound" + "adbusers" + "transmission" + ]; openssh.authorizedKeys.keys = [ (builtins.readFile ../nixy/ssh_pubkey) ]; @@ -447,12 +477,21 @@ users.users.ado = { isNormalUser = true; shell = pkgs.zsh; - extraGroups = ["wireshark" "wheel" "kvm" "tty" "audio" "sound" "adbusers" "transmission"]; + extraGroups = [ + "wireshark" + "wheel" + "kvm" + "tty" + "audio" + "sound" + "adbusers" + "transmission" + ]; }; users.users.mediauser = { isNormalUser = true; shell = pkgs.bash; - extraGroups = []; + extraGroups = [ ]; }; } diff --git a/mediabox/hardware-configuration.nix b/mediabox/hardware-configuration.nix index fbdbbd1..a7c70cb 100644 --- a/mediabox/hardware-configuration.nix +++ b/mediabox/hardware-configuration.nix @@ -5,20 +5,32 @@ lib, modulesPath, ... -}: { +}: +{ imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = ["xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ehci_pci" + "ahci" + "usb_storage" + "sd_mod" + "rtsx_pci_sdmmc" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/disk/by-uuid/ae774285-60dc-4b08-ab26-8208e8f4e81e"; fsType = "btrfs"; - options = ["subvol=root" "compress=lzo" "noatime"]; + options = [ + "subvol=root" + "compress=lzo" + "noatime" + ]; }; boot.initrd.luks.devices."enc".device = "/dev/disk/by-uuid/60aa7671-bfee-451b-b871-ac7c5a4a9f3a"; @@ -26,25 +38,41 @@ fileSystems."/home" = { device = "/dev/disk/by-uuid/ae774285-60dc-4b08-ab26-8208e8f4e81e"; fsType = "btrfs"; - options = ["subvol=home" "compress=lzo" "noatime"]; + options = [ + "subvol=home" + "compress=lzo" + "noatime" + ]; }; fileSystems."/nix" = { device = "/dev/disk/by-uuid/ae774285-60dc-4b08-ab26-8208e8f4e81e"; fsType = "btrfs"; - options = ["subvol=nix" "compress=lzo" "noatime"]; + options = [ + "subvol=nix" + "compress=lzo" + "noatime" + ]; }; fileSystems."/persist" = { device = "/dev/disk/by-uuid/ae774285-60dc-4b08-ab26-8208e8f4e81e"; fsType = "btrfs"; - options = ["subvol=persist" "compress=lzo" "noatime"]; + options = [ + "subvol=persist" + "compress=lzo" + "noatime" + ]; }; fileSystems."/var/log" = { device = "/dev/disk/by-uuid/ae774285-60dc-4b08-ab26-8208e8f4e81e"; fsType = "btrfs"; - options = ["subvol=log" "compress=lzo" "noatime"]; + options = [ + "subvol=log" + "compress=lzo" + "noatime" + ]; neededForBoot = true; }; @@ -54,7 +82,7 @@ }; swapDevices = [ - {device = "/dev/disk/by-uuid/7b44ab02-84ff-4ffd-be26-58247cf5a982";} + { device = "/dev/disk/by-uuid/7b44ab02-84ff-4ffd-be26-58247cf5a982"; } ]; hardware.cpu.intel.updateMicrocode = true; diff --git a/modules/nextcloud.nix b/modules/nextcloud.nix index 4492abe..f439584 100644 --- a/modules/nextcloud.nix +++ b/modules/nextcloud.nix @@ -2,7 +2,8 @@ config, pkgs, ... -}: { +}: +{ # Enable Nginx services.nginx = { enable = true; @@ -61,7 +62,7 @@ enable = true; # Ensure the database, user, and permissions always exist - ensureDatabases = ["nextcloud"]; + ensureDatabases = [ "nextcloud" ]; ensureUsers = [ { name = "nextcloud"; @@ -72,7 +73,7 @@ # Ensure that postgres is running before running the setup systemd.services."nextcloud-setup" = { - requires = ["postgresql.service"]; - after = ["postgresql.service"]; + requires = [ "postgresql.service" ]; + after = [ "postgresql.service" ]; }; } diff --git a/modules/qbittorrent.nix b/modules/qbittorrent.nix index 493c3b7..c236731 100644 --- a/modules/qbittorrent.nix +++ b/modules/qbittorrent.nix @@ -4,11 +4,13 @@ pkgs, ... }: -with lib; let +with lib; +let cfg = config.services.qbittorrent; configDir = "${cfg.dataDir}/.config"; openFilesLimit = 4096; -in { +in +{ options.services.qbittorrent = { enable = mkOption { type = types.bool; @@ -67,24 +69,24 @@ in { }; config = mkIf cfg.enable { - environment.systemPackages = [pkgs.qbittorrent]; + environment.systemPackages = [ pkgs.qbittorrent ]; nixpkgs.overlays = [ (final: prev: { - qbittorrent = prev.qbittorrent.override {guiSupport = false;}; + qbittorrent = prev.qbittorrent.override { guiSupport = false; }; }) ]; networking.firewall = mkIf cfg.openFirewall { - allowedTCPPorts = [cfg.port]; - allowedUDPPorts = [cfg.port]; + allowedTCPPorts = [ cfg.port ]; + allowedUDPPorts = [ cfg.port ]; }; systemd.services.qbittorrent = { - after = ["network.target"]; + after = [ "network.target" ]; description = "qBittorrent Daemon"; - wantedBy = ["multi-user.target"]; - path = [pkgs.qbittorrent]; + wantedBy = [ "multi-user.target" ]; + path = [ pkgs.qbittorrent ]; serviceConfig = { ExecStart = '' ${pkgs.qbittorrent}/bin/qbittorrent-nox \ @@ -110,7 +112,10 @@ in { }; }; - users.groups = - mkIf (cfg.group == "qbittorrent") {qbittorrent = {gid = null;};}; + users.groups = mkIf (cfg.group == "qbittorrent") { + qbittorrent = { + gid = null; + }; + }; }; } diff --git a/nixy/configuration.nix b/nixy/configuration.nix index 8aa6699..daa3fca 100644 --- a/nixy/configuration.nix +++ b/nixy/configuration.nix @@ -6,8 +6,9 @@ system, zremap, ... -}: { - imports = []; +}: +{ + imports = [ ]; system.stateVersion = "23.05"; system.autoUpgrade.enable = false; @@ -17,7 +18,7 @@ }; sops = { - age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; + age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; secrets = { "peerix/private" = { sopsFile = ./secrets/peerix.yaml; @@ -61,17 +62,29 @@ package = pkgs.nixVersions.latest; settings = { sandbox = true; - experimental-features = ["nix-command" "flakes"]; + experimental-features = [ + "nix-command" + "flakes" + ]; }; }; boot = { - extraModulePackages = with config.boot.kernelPackages; [usbip v4l2loopback]; + extraModulePackages = with config.boot.kernelPackages; [ + usbip + v4l2loopback + ]; initrd.compressor = "zstd"; - initrd.kernelModules = []; + initrd.kernelModules = [ ]; initrd.systemd.enable = true; - binfmt.emulatedSystems = ["wasm32-wasi" "x86_64-windows"]; - kernelParams = ["psmouse.synaptics_intertouch=0" "mem_sleep_default=deep"]; + binfmt.emulatedSystems = [ + "wasm32-wasi" + "x86_64-windows" + ]; + kernelParams = [ + "psmouse.synaptics_intertouch=0" + "mem_sleep_default=deep" + ]; kernel.sysctl = { "net.core.default_qdisc" = "fq"; "net.ipv4.tcp_congestion_control" = "bbr"; @@ -83,7 +96,10 @@ memtest86.enable = true; }; readOnlyNixStore = true; - supportedFilesystems = ["f2fs" "xfs"]; + supportedFilesystems = [ + "f2fs" + "xfs" + ]; tmp.useTmpfs = true; }; @@ -94,7 +110,7 @@ doas.enable = true; doas.extraRules = [ { - users = ["akill"]; + users = [ "akill" ]; keepEnv = true; persist = true; } @@ -109,11 +125,19 @@ nftables.enable = true; firewall = { enable = true; - allowedTCPPorts = [80 443 51820 8020]; + allowedTCPPorts = [ + 80 + 443 + 51820 + 8020 + ]; }; hostName = "nixy"; - nameservers = ["127.0.0.1" "::1"]; + nameservers = [ + "127.0.0.1" + "::1" + ]; dhcpcd.extraConfig = "nohook resolv.conf"; extraHosts = '' @@ -144,13 +168,13 @@ wireguard.interfaces = { wg0 = { - ips = ["10.100.0.6/24"]; + ips = [ "10.100.0.6/24" ]; privateKeyFile = config.sops.secrets."wg_privkey".path; peers = [ { publicKey = builtins.readFile ../magpie/wg_pubkey; presharedKeyFile = config.sops.secrets."wg_preshared/nixy".path; - allowedIPs = ["10.100.0.0/24"]; + allowedIPs = [ "10.100.0.0/24" ]; endpoint = "5.75.229.224:51820"; persistentKeepalive = 25; } @@ -158,12 +182,12 @@ }; neox_wg = { - ips = ["192.168.51.2/32"]; + ips = [ "192.168.51.2/32" ]; privateKeyFile = config.sops.secrets."wg_privkey".path; peers = [ { publicKey = builtins.readFile ../nixy/wg_pubkey_nx; - allowedIPs = ["192.168.2.0/24"]; + allowedIPs = [ "192.168.2.0/24" ]; endpoint = "185.194.64.26:51820"; persistentKeepalive = 25; } @@ -175,7 +199,10 @@ time.timeZone = "Europe/Sarajevo"; nixpkgs.config.allowUnfree = true; - nixpkgs.overlays = [nix-xilinx.overlay nvim.overlays.${system}.overlay]; + nixpkgs.overlays = [ + nix-xilinx.overlay + nvim.overlays.${system}.overlay + ]; environment = { etc = { "firejail/qutebrowser.local".text = '' @@ -234,7 +261,7 @@ "netns@" = { description = "%I network namespace"; - before = ["network.target"]; + before = [ "network.target" ]; serviceConfig = { Type = "oneshot"; RemainAfterExit = true; @@ -245,11 +272,11 @@ "wg_proton" = { description = "wg network interface"; - bindsTo = ["netns@wg.service"]; - requires = ["network-online.target"]; - wants = ["dnscrypt-proxy2_proton.service"]; - after = ["netns@wg.service"]; - before = ["dnscrypt-proxy2_proton.service"]; + bindsTo = [ "netns@wg.service" ]; + requires = [ "network-online.target" ]; + wants = [ "dnscrypt-proxy2_proton.service" ]; + after = [ "netns@wg.service" ]; + before = [ "dnscrypt-proxy2_proton.service" ]; serviceConfig = { Type = "oneshot"; RemainAfterExit = true; @@ -260,7 +287,9 @@ ${pkgs.iproute2}/bin/ip link set proton_wg netns wg ${pkgs.iproute2}/bin/ip -n wg address add 10.2.0.2/32 dev proton_wg ${pkgs.iproute2}/bin/ip netns exec wg \ - ${pkgs.wireguard-tools}/bin/wg set "proton_wg" private-key "${config.sops.secrets."wg_privkey_proton".path}" + ${pkgs.wireguard-tools}/bin/wg set "proton_wg" private-key "${ + config.sops.secrets."wg_privkey_proton".path + }" ${pkgs.iproute2}/bin/ip netns exec wg \ ${pkgs.wireguard-tools}/bin/wg set "proton_wg" peer "g6DkXWKI/68RsLjROIwCEcyB/ZhyK5Q7OWcz1TtqER0=" \ endpoint "$ENDPOINT_IP:51820" \ @@ -283,9 +312,9 @@ "network-online.target" "nss-lookup.target" ]; - before = ["nss-lookup.target"]; - after = ["wg_proton.service"]; - partOf = ["wg_proton.service"]; + before = [ "nss-lookup.target" ]; + after = [ "wg_proton.service" ]; + partOf = [ "wg_proton.service" ]; serviceConfig = { AmbientCapabilities = "CAP_NET_BIND_SERVICE"; CacheDirectory = "dnscrypt-proxy"; @@ -372,7 +401,10 @@ }; udev = { - packages = [pkgs.openhantek6022 pkgs.openocd]; + packages = [ + pkgs.openhantek6022 + pkgs.openocd + ]; extraRules = '' #Xilinx FTDI ACTION=="add", ATTR{idVendor}=="0403", ATTR{manufacturer}=="Xilinx", MODE:="666" @@ -403,32 +435,38 @@ enable = true; bindings = [ { - keys = [113]; - events = ["key"]; + keys = [ 113 ]; + events = [ "key" ]; command = "/run/current-system/sw/bin/runuser -l akill -c 'amixer -q set Master toggle'"; } { - keys = [114]; - events = ["key" "rep"]; + keys = [ 114 ]; + events = [ + "key" + "rep" + ]; command = "/run/current-system/sw/bin/runuser -l akill -c 'amixer -q set Master 5%- unmute'"; } { - keys = [115]; - events = ["key" "rep"]; + keys = [ 115 ]; + events = [ + "key" + "rep" + ]; command = "/run/current-system/sw/bin/runuser -l akill -c 'amixer -q set Master 5%+ unmute'"; } { - keys = [224]; - events = ["key"]; + keys = [ 224 ]; + events = [ "key" ]; command = "${pkgs.light}/bin/light -U 5"; } { - keys = [225]; - events = ["key"]; + keys = [ 225 ]; + events = [ "key" ]; command = "${pkgs.light}/bin/light -A 5"; } ]; @@ -454,33 +492,35 @@ }; }; - borgbackup.jobs."borgbase" = let - user = config.users.users.akill; - home = user.home; - in { - user = user.name; - paths = [ - (home + "/pic/priv") - (home + "/pproj") - (home + "/videos/priv") - ]; - exclude = [ - "**/.ccls_cache" - "**/*.d" - "**/*.map" - "**/*.o" - "**/zig-cache" - "**/zig-out" - ]; - repo = "ssh://oda929rv@oda929rv.repo.borgbase.com/./repo"; - encryption = { - mode = "repokey-blake2"; - passCommand = "${pkgs.coreutils-full}/bin/cat ${config.sops.secrets."borgbase_enc_key".path}"; + borgbackup.jobs."borgbase" = + let + user = config.users.users.akill; + home = user.home; + in + { + user = user.name; + paths = [ + (home + "/pic/priv") + (home + "/pproj") + (home + "/videos/priv") + ]; + exclude = [ + "**/.ccls_cache" + "**/*.d" + "**/*.map" + "**/*.o" + "**/zig-cache" + "**/zig-out" + ]; + repo = "ssh://oda929rv@oda929rv.repo.borgbase.com/./repo"; + encryption = { + mode = "repokey-blake2"; + passCommand = "${pkgs.coreutils-full}/bin/cat ${config.sops.secrets."borgbase_enc_key".path}"; + }; + environment.BORG_RSH = "${pkgs.openssh}/bin/ssh -i ${config.sops.secrets."borgbase_ssh_key".path}"; + compression = "auto,zstd"; + startAt = "daily"; }; - environment.BORG_RSH = "${pkgs.openssh}/bin/ssh -i ${config.sops.secrets."borgbase_ssh_key".path}"; - compression = "auto,zstd"; - startAt = "daily"; - }; nix-serve = { enable = false; @@ -519,7 +559,7 @@ allowBitmaps = true; useEmbeddedBitmaps = true; defaultFonts = { - monospace = ["JetBrainsMono"]; + monospace = [ "JetBrainsMono" ]; }; }; @@ -548,7 +588,14 @@ }; virtualisation = { - spiceUSBRedirection.enable = true; + libvirtd = { + enable = true; + allowedBridges = [ + "virbr0" + "br0" + ]; + }; + spiceUSBRedirection.enable = true; containers.storage.settings = { storage = { graphroot = "/var/lib/containers/storage"; @@ -574,7 +621,7 @@ graphics = { enable = true; - extraPackages = []; + extraPackages = [ ]; }; rtl-sdr.enable = true; }; @@ -587,6 +634,15 @@ users.users.akill = { isNormalUser = true; shell = pkgs.zsh; - extraGroups = ["wireshark" "kvm" "tty" "audio" "sound" "adbusers" "dialout" "wheel"]; + extraGroups = [ + "wireshark" + "kvm" + "tty" + "audio" + "sound" + "adbusers" + "dialout" + "wheel" + ]; }; } diff --git a/nixy/hardware-configuration.nix b/nixy/hardware-configuration.nix index 52fcfcb..3e95ad3 100644 --- a/nixy/hardware-configuration.nix +++ b/nixy/hardware-configuration.nix @@ -1,40 +1,61 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.luks.devices."crypt_dev".device = "/dev/disk/by-uuid/e10821b9-5426-4f03-b716-1645a64fcd6a"; + boot.initrd.luks.devices."crypt_dev".device = + "/dev/disk/by-uuid/e10821b9-5426-4f03-b716-1645a64fcd6a"; boot.initrd.luks.devices."crypt_dev".allowDiscards = true; - boot.initrd.availableKernelModules = [ "nvme" "ehci_pci" "xhci_pci" "uas" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.availableKernelModules = [ + "nvme" + "ehci_pci" + "xhci_pci" + "uas" + "usb_storage" + "sd_mod" + "rtsx_pci_sdmmc" + ]; boot.initrd.kernelModules = [ "dm-snapshot" ]; - boot.kernelModules = [ "kvm-amd" "amd-gpu" ]; + boot.kernelModules = [ + "kvm-amd" + "amd-gpu" + ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/c461c971-54ca-4fb7-91e8-6ac70de53ef2"; - fsType = "xfs"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/c461c971-54ca-4fb7-91e8-6ac70de53ef2"; + fsType = "xfs"; + }; - fileSystems."/nix" = - { device = "/dev/disk/by-uuid/eeaa6fab-d67d-400f-b6d4-b1f44c2e0047"; - fsType = "xfs"; - }; + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/eeaa6fab-d67d-400f-b6d4-b1f44c2e0047"; + fsType = "xfs"; + }; - fileSystems."/home" = - { device = "/dev/disk/by-uuid/aeaa71ca-a439-4ef3-9ab8-db7ae8f59376"; - fsType = "xfs"; - }; + fileSystems."/home" = { + device = "/dev/disk/by-uuid/aeaa71ca-a439-4ef3-9ab8-db7ae8f59376"; + fsType = "xfs"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/828E-F3C3"; - fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/828E-F3C3"; + fsType = "vfat"; + options = [ + "fmask=0022" + "dmask=0022" + ]; + }; swapDevices = [ ]; diff --git a/packages/bubblewrap/default.nix b/packages/bubblewrap/default.nix index 44645bd..1538d00 100644 --- a/packages/bubblewrap/default.nix +++ b/packages/bubblewrap/default.nix @@ -49,7 +49,7 @@ stdenv.mkDerivation rec { description = "Unprivileged sandboxing tool"; homepage = "https://github.com/containers/bubblewrap"; license = licenses.lgpl2Plus; - maintainers = with maintainers; [dotlambda]; + maintainers = with maintainers; [ dotlambda ]; platforms = platforms.linux; mainProgram = "bwrap"; }; diff --git a/packages/viber/default.nix b/packages/viber/default.nix index d1c536a..11d9b3e 100644 --- a/packages/viber/default.nix +++ b/packages/viber/default.nix @@ -52,8 +52,8 @@ stdenv.mkDerivation { hash = "sha256-9WHiI2WlsgEhCPkrQoAunmF6lSb2n5RgQJ2+sdnSShM="; }; - nativeBuildInputs = [makeWrapper]; - buildInputs = [dpkg]; + nativeBuildInputs = [ makeWrapper ]; + buildInputs = [ dpkg ]; dontUnpack = true; @@ -115,55 +115,57 @@ stdenv.mkDerivation { xorg.libxkbfile ]; - installPhase = let - viberWrap = writeShellScriptBin "viberWrap" '' - ${bubblewrap}/bin/bwrap --bind / / \ - --dev /dev \ - --tmpfs $HOME \ - --bind $HOME/.ViberPC/ $HOME/.ViberPC \ - --bind $HOME/Downloads/ $HOME/Downloads \ - $@ + installPhase = + let + viberWrap = writeShellScriptBin "viberWrap" '' + ${bubblewrap}/bin/bwrap --bind / / \ + --dev /dev \ + --tmpfs $HOME \ + --bind $HOME/.ViberPC/ $HOME/.ViberPC \ + --bind $HOME/Downloads/ $HOME/Downloads \ + $@ + ''; + in + '' + dpkg-deb -x $src $out + mkdir -p $out/bin + + # Soothe nix-build "suspicions" + chmod -R g-w $out + + for file in $(find $out -type f \( -perm /0111 -o -name \*.so\* \) ); do + patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" "$file" || true + patchelf --set-rpath $libPath:$out/opt/viber/lib $file || true + done + + # qt.conf is not working, so override everything using environment variables + wrapProgram $out/opt/viber/Viber \ + --set QT_PLUGIN_PATH "$out/opt/viber/plugins" \ + --set QT_XKB_CONFIG_ROOT "${xorg.xkeyboardconfig}/share/X11/xkb" \ + --set QTCOMPOSE "${xorg.libX11.out}/share/X11/locale" \ + --set QML2_IMPORT_PATH "$out/opt/viber/qml" + + echo "#!${bash}/bin/bash" > $out/bin/viber + echo "${viberWrap}/bin/viberWrap $out/opt/viber/Viber" >> $out/bin/viber + chmod +x $out/bin/viber + + mv $out/usr/share $out/share + rm -rf $out/usr + + # Fix the desktop link + substituteInPlace $out/share/applications/viber.desktop \ + --replace /opt/viber/Viber $out/opt/viber/Viber \ + --replace /usr/share/ $out/share/ ''; - in '' - dpkg-deb -x $src $out - mkdir -p $out/bin - - # Soothe nix-build "suspicions" - chmod -R g-w $out - - for file in $(find $out -type f \( -perm /0111 -o -name \*.so\* \) ); do - patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" "$file" || true - patchelf --set-rpath $libPath:$out/opt/viber/lib $file || true - done - - # qt.conf is not working, so override everything using environment variables - wrapProgram $out/opt/viber/Viber \ - --set QT_PLUGIN_PATH "$out/opt/viber/plugins" \ - --set QT_XKB_CONFIG_ROOT "${xorg.xkeyboardconfig}/share/X11/xkb" \ - --set QTCOMPOSE "${xorg.libX11.out}/share/X11/locale" \ - --set QML2_IMPORT_PATH "$out/opt/viber/qml" - - echo "#!${bash}/bin/bash" > $out/bin/viber - echo "${viberWrap}/bin/viberWrap $out/opt/viber/Viber" >> $out/bin/viber - chmod +x $out/bin/viber - - mv $out/usr/share $out/share - rm -rf $out/usr - - # Fix the desktop link - substituteInPlace $out/share/applications/viber.desktop \ - --replace /opt/viber/Viber $out/opt/viber/Viber \ - --replace /usr/share/ $out/share/ - ''; dontStrip = true; dontPatchELF = true; meta = { homepage = "https://www.viber.com"; description = "An instant messaging and Voice over IP (VoIP) app"; - sourceProvenance = with lib.sourceTypes; [binaryNativeCode]; + sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ]; license = lib.licenses.unfree; - platforms = ["x86_64-linux"]; - maintainers = with lib.maintainers; [jagajaga]; + platforms = [ "x86_64-linux" ]; + maintainers = with lib.maintainers; [ jagajaga ]; }; }